This happens fairly often. But honestly it's a bit ridiculous that Google suggests that you change from a .co.uk to a .com to resolve the issue. That is NOT an option unless they're going to pay for the domain and the domain migration.
I would keep pushing back on that, there is no way that you need to move to another TLD.
They say that the site is "compromised and has malicious software", I bet it's actually something else, like a site that you're linking out to that's compromised and malicious--that's happened quite a bit in cases where sites are flagged like this in Google Ads.
The logical thing to do would be to provide that feedback as part of the assessment, if they're linking to a compromised site. Even that seems flawed, however. If OPs site is marked as compromised (and isnt) and someone links to it, will they then also be denied access to advertising because their site is now compromised? Soon thereafter I imagine that we have a runaway cascade and everyone is "compromised".
> Soon thereafter I imagine that we have a runaway cascade and everyone is "compromised".
The web isn't as well woven as it used to be. They'll just harm a bunch of innocent people, not numerous enough for the public at large to even notice.
I would keep pushing back on that, there is no way that you need to move to another TLD.
They say that the site is "compromised and has malicious software", I bet it's actually something else, like a site that you're linking out to that's compromised and malicious--that's happened quite a bit in cases where sites are flagged like this in Google Ads.